Kok Posted November 11, 2018 Share Posted November 11, 2018 I have JWT token and I want to modify the key id field. Kid field can be used for local files. I had verfied that /etc/passwd can be used but I don't know the content. So I want to know some files that I can predict the content. The target website have 127.0.0.1/__sinatra__/404.png which I can download that png file. But I don't know the absolute path for that file. Does anyone know the solution of my problem.? Please help me. Quote Link to comment Share on other sites More sharing options...
digininja Posted November 11, 2018 Share Posted November 11, 2018 If you can fingerprint the distro to one of the Debian varients, check /etc/debian_version or something like that, there are only a small number of possible values for that file. /etc/shells is probably also fairly fixed. Quote Link to comment Share on other sites More sharing options...
Kok Posted November 13, 2018 Author Share Posted November 13, 2018 digininja , Thanks for your answer. I found that debian version may be 3 or 4 or around them . Can I know all possible contents of /etc/debian_version of debian 3 and 4 . Quote Link to comment Share on other sites More sharing options...
digininja Posted November 13, 2018 Share Posted November 13, 2018 Yes you can know them. Access a few Debian boxes and checkout the file contents, you should then be able to make a fairly good prediction of the contents of the file. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.